CVE-2024-34942

EUVD-2024-35118
Tenda FH1206 V1.2.0.8(8155)_EN was discovered to contain a stack-based buffer overflow vulnerability via the funcpara1 parameter at ip/goform/exeCommand.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
8.8 HIGH
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CISA-ADPADP
8.8 HIGH
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 66%
Affected Products (NVD)
VendorProductVersion
tendafh1206_firmware
1.2.0.8\(8155\)_en
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://palm-vertebra-fe9.notion.site/formexeCommand-200db77a90d34c708b903c935c7c65c0
https://palm-vertebra-fe9.notion.site/formexeCommand-200db77a90d34c708b903c935c7c65c0